Does Your Employer Ban Skype?

neutralino asks: "This morning, we received an company-wide email stating that the Max Planck Society (a German government funded research organization) has outlawed the use of P2P software at all of its institutes (including ours). The statement specifically singled out the use of Skype for internet telephony. The reasons given for this were that 'the exchanged data cannot be controlled' (therefore it might be illegal) and that 'Max-Planck or research resources in general might be abused, if "only" for commercial purposes.' This caught us by surprise, since many of us use VoIP to communicate with friends and family and collaborators, in our respective home countries. Is it now standard practice for companies, government organizations, and universities to outlaw Skype? Should it be?"

Of course they do ...

[eldavojohn]

I'm not going to tell you what company I work for but it is easily in the top 50 of the Fortune 500 [usatoday.com]. And, yes, Skype is banned--my employer would never let anyone use Skype.

On top of that, I don't have administrative rights to install anything on my computer. I have to go through a large control process to achieve that which requires me to explain what the software will be used for (and it better be a company resource). Therefore, it's almost out of the question to ask for it to be installed.

My company (and I have the feeling that many others are like this, too) would far rather throw truck loads of money at AT&T rather than risk something going wrong with the P2P aspects of Skype.

Furthermore, any kind of free software scares my employer. Big time. I know Skype isn't necessarily free so this is about other software I may want to use. They have this fear that they would be a large target if whoever wrote said software decided to take legal action upon discovering that employees of company X all used it to complete their daily jobs.

Not even stadiums full of lawyers claiming that, due to some software licenses, there's nothing to worry about could convince them otherwise.

No reason for Skype.

[LWATCDR]

From their point of view it is simple.
You want to talk to friends or family do it on your time.
If it is work related use their phone system.

The explanation we got...

[Anonymous Coward]

My employer bans Skype (yes, also singled out by name in the company-wide memo), and the explanation we got is (and, I'm paraphrasing here) "it takes a lot of bandwidth to support all that streaming, and you've already got a phone."

Kinda makes sense from that point of view.

Of course

[PFI_Optix]

Any sensible admin would do that.

Skype eats network traffic, and when you multiply a Skype call by several hundred that's a lot of resources being consumed. Not to mention the impact on productivity and the security risk that is presented by unverified software.

Also, any corporate lawyer will tell you that no company wants to risk legal problems caused by employee misconduct. They certainly don't want to get blindsided because of a Skype call that they have no way of monitoring, tracking, or keeping record of.

Of course they prohibit it.

[Joiseybill]

My employer already has a contract for telephone services. My employer can control and audit use - if they need or want to. If confidential information is divulged / threats promulgated/ illegal activity conducted through the existing telephone system, there are clear employment practices and laws to deal with that. Skype is not easily audited. Skype use -may- define the bandwidth provider (the employer) as the telephone service provider; leaving them open for subpeonas and other unwanted attention. Skype users might configure workstations to act as relays, giving away company resources. Right or wrong, they'd rather use POTS.

Same here, I wish it weren't.

[temojen]

I wish my employer would use something else. Something standard like SIP/RTP over IPSec. Skype is not open source, and uses a proprietary protocol, with a non-inspectable encryption implementation.

Skype is gratis, not libre.

Mobile/cell

[Anonymous Coward]

So are they going to ban mobile or cellular communications also? They aren't under the control of the company, can be used at work, and therefore can be used to leak information. Same goes for SMS, Blackberry (using BWC, NOT BES which obviously ties in to the companies server), MMS, etc.

Heck, take a camera phone picture of a document and sent it to someone using MMS. completely untracable by company audit logs.

Definately.

[Andy Dodd]

Firewalls that are "deny by default" are standard at most large corporations. I know it's been the default at every large corporation I work at.

No need to explicitly ban Skype, even without corporate policies, Skype wouldn't be able to get through many firewalls. It's designed to do NAT traversal, not punch through firewalls that block everything and only allow through whatever the proxy machine lets through. (Plus even if Skype could fake the proxy into thinking it was one of the allowed protocols, the latency through the proxy would make Skype practically unusable.)

Re:Of course they do ...

[cayenne8]

"Nobody is surfing aimlessly, nobody is emailing for non-company business, nobody is being interupted with non-company IM chat, and people get their work done. Remove the temptation and work gets done."

I guess it works for you. I personally couldn't work at a place that didn't treat me like a responsible adult. I do Oracle admin, and the good sign of a good DBA is when things are working, and you have some 'free time'. I often use this free time to not only surf for Oracle related topics, but, other general topics that interest me. Often, these topics are technical in nature, and have led to suggestions to try new things for our group or project...such as trying linux on our test computers. And this has been on DoD computers!! Someone that IS anal about security.

Also, if I can take some time during the day, when you have to get things done...pay a bill here or there, or contact people for personal reasons, it helps to allow the use of company/gov. computers to do this. I can do this there quickly, or I can take time off from work, leave, or stay home to do this, and that time away is time I'm missing to do work related things. I mean sure, if you're surfing porn and such at work, yeah, you should be canned. And if you're not responsible enough to not do something stupid like bring in a worm or virus (not a problem so far, as that I rarely use windows on my workstations, usually on my Linux boxes.

I guess my philosophy, is treat people like adults, if someone blows it, can them, but, don't penalize everyone just 'in case' someone might do something wrong or naughty.

No ban, but strongly advised against.

[Wanderer1]

I also work for a Fortune 500 firm, in the security department. I don't have any particular problem with Skype as a product, but we opted to advise our userbase against it.
The lack of control is the #1 reason, since we can't ensure confidentiality (not that the probability of eavesdropping is worth discussing, but risk management demands a level of due diligence here,) and bandwidth was another concern, not because of the supernode issue, our network would wreck that, but rather because we have enough crap to deal with and didn't need another "free product" to muck up our works with issues of code validation, accountability, confidentiality and service availability.

I don't like the way things have gone, but at least in Corporate America, I don't have enough peers to cover all the bases and management above me is expecting risks to be minimized, and even that is a huge challenge with just the stuff we paid for.

Hey, at least you have IM!